Usually when a new user starts you want them to be “like” one of a limited number of users. Not just any user in the company.
Say someone starts in Accounting, you want them to be like “George”; in Sales they should be like “Lisa”, and an executive might be like “Anna”. So instead of letting users pick any person to impersonate, you could in your script let them pick between “George”, “Lisa” and “Anna”.
Unless you are extremely rigid in your group structure, there is a problem with picking a user to copy groups (and permissions) from. If the user for some reason has needed access to something they usually wouldn’t have access to as part of their day-to-day work, those groups and permissions would be copied to the new user as well.
However, I think a better choice is to create a number of templates instead. Basically, in your script you define roles instead of impersonating other users.
For instance you could create a set of variables containing the groups for each role:
# All new users need the following groups
$defaultGroups = @('AllUsers')
# Members of Accounting need the following:
$accountGroups = @('Accounting','Finance')
# Members of Sales need the following:
$salesGroups = @('Sales','Finance')
# Members of the Executive have the following
$executiveGroups = @('Executive','PrivateRestroom')
So when a new user starts you just use the relevant group-array to create the new user based on their role in the company.
If they need special permissions of the kind mentioned above, you can handle that on a case-by-case basis.
This should probably have been in the original thread, just caught on Olaf's comment about choosing users to pick from.
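An added example, not part of the original post: the role templates above expressed as a lookup table, with one function that assigns a role's groups and one that reports where an existing account has drifted from its template. The function names are hypothetical, and the code assumes the ActiveDirectory module is available and that each template entry matches the Name of a group.

```powershell
# Role templates from the post. Function names are hypothetical.
# Assumption: the ActiveDirectory module (RSAT) is installed and imported.
$defaultGroups = @('AllUsers')
$roleGroups = @{
    Accounting = @('Accounting', 'Finance')
    Sales      = @('Sales', 'Finance')
    Executive  = @('Executive', 'PrivateRestroom')
}

function Get-RoleGroupSet {
    # De-duplicated default + role groups; an unknown role fails validation.
    param(
        [Parameter(Mandatory)]
        [ValidateSet('Accounting', 'Sales', 'Executive')]
        [string]$Role
    )
    @($defaultGroups + $roleGroups[$Role] | Sort-Object -Unique)
}

function Add-UserToRole {
    # Adds an existing account to every group in its role. Supports -WhatIf.
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$SamAccountName,
        [Parameter(Mandatory)][string]$Role
    )
    foreach ($group in (Get-RoleGroupSet -Role $Role)) {
        if ($PSCmdlet.ShouldProcess($group, "Add $SamAccountName")) {
            Add-ADGroupMember -Identity $group -Members $SamAccountName
        }
    }
}

function Compare-UserToRole {
    # Extra = groups held beyond the template; Missing = template groups not held.
    # The primary group (usually 'Domain Users') will normally show up as Extra.
    param(
        [Parameter(Mandatory)][string]$SamAccountName,
        [Parameter(Mandatory)][string]$Role
    )
    $expected = Get-RoleGroupSet -Role $Role
    $actual   = @(Get-ADPrincipalGroupMembership -Identity $SamAccountName |
                    Select-Object -ExpandProperty Name)
    [pscustomobject]@{
        User    = $SamAccountName
        Extra   = @($actual   | Where-Object { $_ -notin $expected })
        Missing = @($expected | Where-Object { $_ -notin $actual })
    }
}
```

Run `Add-UserToRole -SamAccountName <user> -Role Sales -WhatIf` to preview the changes; anything `Compare-UserToRole` lists under Extra is a case-by-case grant worth reviewing.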